Info Security Sr Analyst - TS/SCI Req'd

Location
Ft Belvoir, VA
Posted
Apr 25, 2017
Closes
Jun 07, 2017
Industry
Security
Hours
Full Time
The Information Assurance Engineer will conduct assessments of existing IT architecture for compliance with security requirements from applicable security frameworks, such as FISMA, ISO 27001, etc., and utilize all DHS automated tool sets. He/she will also ensure that the ISSOs have the necessary information throughout the lifecycle of each system. More specific responsibilities and task expected of this individual include:

    Create documentation to support information system authorization/accreditation packages. Be required to develop technical security documentation including items needed to develop a complete System Security Plan (SSP)Provide continuous monitoring support utilizing tools for information systems. Develop IT architecture deliverables, specific to information security countermeasure implementations, for operational systems and systems under development. Develop IT security policies, standards, and guidance. Ensuring artifact quality control of Security Assessment and Authorization (formerly Certification and Accreditation or C&A) documentation.Validating all information system security reporting.Overseeing the Plan of Action and Milestones (POA&M) process for assigned systems.Reviewing and monitoring POA&Ms for each IT system.Ensuring timely POA&M updates to the XACTA database.Ensuring that the Xacta automated tool, is utilized for conducting security assessment and authorization evaluations, and for reporting required IT security program status information.Ensuring DHS encryption policy is implemented and enforced.Advising project managers on the implementation of DHS encryption standards.
Education Bachelors Degree in Computer Science or a related technical discipline, or the equivalent combination of education, professional training or work experience.

Qualifications 5-8 years of related experience in data security administration.

 
    Must possess one of the following current certifications: CISSP OR CASP
Experience must include:

    Strong Knowledge of the NIST 800-37 and other Risk Management Frameworks (DIACAP).Extensive knowledge of the C&A process within the NIST Risk Management Framework and experience reviewing, advising, and processing and maintaining A&A Packages throughout the lifecycle of the system.Knowledge and experience reporting Information Assurance Vulnerabilities Messages (ISVMs) in compliance with Federal GuidelinesDemonstrate competency in the use of DHS automated tool sets, including Xacta.Exceptionally good written and oral communication skills.Good interpersonal and consulting-type skills.Desirable skills– Scripting in Perl, SQL, Java, Unix/Linux
 As a trusted systems integrator for more than 50 years, General Dynamics Information Technology provides information technology (IT), systems engineering, professional services and simulation and training to customers in the defense, federal civilian government, health, homeland security, intelligence, state and local government and commercial sectors.With approximately 32,000 professionals worldwide, the company delivers IT enterprise solutions, manages large-scale, mission-critical IT programs and provides mission support services.GDIT is an Equal Opportunity/Affirmative Action Employer - Minorities/Females/Protected Veterans/Individuals with Disabilities.